Can WinXP fit CMM's "one error per 1000 lines" claim?

BUSINESS MAGAZINE Business Week, has published an interesting interview on its web site where Watts S. Humphrey, currently a fellow at the Carnegie Mellon University's Software Engineering Institute, talks about the SEI's "Capability Maturity Model (CMM)" described as a methodology which "helps developers produce error-free software code efficiently and on schedule" (sic).

The article claims that "Instead of one error in every 10 lines of code, which made software development expensive and lengthy, CMM-certified companies now make one error in every 1,000 lines of code". The interesting part is when it mentions Microsoft and IBM as two examples of companies using CMM. So, taking these claims at face value, one could come up with an approximate, statistical number of the number of errors produced in the development of popular software, say, Windows XP.

According to the "Counting Source Lines of Code (SLOC)" web site, Windows XP (in 2002) was 40 Million software lines of code long. So if one assumes that the CMM model was applied and "only" one bug every 1,000 lines of code was introduced, that would put the number of errors in the WinXP source code at "just" 40.000. A leaked internal memo from the Vole five years ago put the number of potential bugs in Windows 2000 at 63 thousand. Windows 2000 was dubbed at the time as "the most reliable version of Windows ever" by Keith White, director of Windows marketing at Microsoft. We guess CMM was not applied to Win2k, as Windows 2000 was 35M source code lines long, which should have resulted in "just" 35,000 bugs, not nearly twice as many.

I'm personally still wondering how the "helps produce error-free software" claim fits the "just one error in every 1,000 lines of code" one. Maybe the solution to create error-free code is to write software programs that are only 999 lines of code long? µ

See Also
Lies, damn lies, and statistics.